This is an automated email from the ASF dual-hosted git repository. centic pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/poi.git
commit f8a8189230d4a32ae0bb18a368da9c77d5e645b4 Author: Dominik Stadler <[email protected]> AuthorDate: Sat Jan 10 10:02:17 2026 +0100 Use the proper add-method to perform the check for max number of children If adding is done without check it can trigger OOM when fuzzing. This should fix https://issues.oss-fuzz.com/issues/391709145 --- .../org/apache/poi/ddf/UnknownEscherRecord.java | 2 +- ...ase-minimized-POIHPBFFuzzer-4918886059278336.pub | Bin 0 -> 32832 bytes test-data/spreadsheet/stress.xls | Bin 75264 -> 75264 bytes 3 files changed, 1 insertion(+), 1 deletion(-) diff --git a/poi/src/main/java/org/apache/poi/ddf/UnknownEscherRecord.java b/poi/src/main/java/org/apache/poi/ddf/UnknownEscherRecord.java index 67b6bc6317..98434aaace 100644 --- a/poi/src/main/java/org/apache/poi/ddf/UnknownEscherRecord.java +++ b/poi/src/main/java/org/apache/poi/ddf/UnknownEscherRecord.java @@ -103,7 +103,7 @@ public final class UnknownEscherRecord extends EscherRecord { bytesWritten += childBytesWritten; offset += childBytesWritten; bytesRemaining -= childBytesWritten; - getChildRecords().add( child ); + addChildRecord( child ); } return bytesWritten; } diff --git a/test-data/publisher/clusterfuzz-testcase-minimized-POIHPBFFuzzer-4918886059278336.pub b/test-data/publisher/clusterfuzz-testcase-minimized-POIHPBFFuzzer-4918886059278336.pub new file mode 100644 index 0000000000..c901951b19 Binary files /dev/null and b/test-data/publisher/clusterfuzz-testcase-minimized-POIHPBFFuzzer-4918886059278336.pub differ diff --git a/test-data/spreadsheet/stress.xls b/test-data/spreadsheet/stress.xls index 94775397c8..4b0be32353 100644 Binary files a/test-data/spreadsheet/stress.xls and b/test-data/spreadsheet/stress.xls differ --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
